CN105095047A - Monitoring method and device for extracting behavior characteristics of underlying system of operation system - Google Patents
Monitoring method and device for extracting behavior characteristics of underlying system of operation system Download PDFInfo
- Publication number
- CN105095047A CN105095047A CN201510423210.6A CN201510423210A CN105095047A CN 105095047 A CN105095047 A CN 105095047A CN 201510423210 A CN201510423210 A CN 201510423210A CN 105095047 A CN105095047 A CN 105095047A
- Authority
- CN
- China
- Prior art keywords
- function
- operating system
- kernel
- supervising
- eigenwert
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 53
- 238000012544 monitoring process Methods 0.000 title claims abstract description 19
- 230000006870 function Effects 0.000 claims abstract description 118
- 238000012549 training Methods 0.000 claims abstract description 18
- 230000003542 behavioural effect Effects 0.000 claims description 34
- 238000000605 extraction Methods 0.000 claims description 24
- 230000005856 abnormality Effects 0.000 claims description 8
- 238000010801 machine learning Methods 0.000 claims description 8
- 238000012545 processing Methods 0.000 claims description 8
- 230000008569 process Effects 0.000 claims description 7
- 230000000694 effects Effects 0.000 claims description 6
- 230000007246 mechanism Effects 0.000 claims description 6
- 238000007635 classification algorithm Methods 0.000 claims description 3
- 238000013468 resource allocation Methods 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 6
- 230000006399 behavior Effects 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 230000002547 anomalous effect Effects 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 238000012905 input function Methods 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 230000008901 benefit Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000015572 biosynthetic process Effects 0.000 description 1
- 238000007621 cluster analysis Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000012937 correction Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000002474 experimental method Methods 0.000 description 1
- 238000013467 fragmentation Methods 0.000 description 1
- 238000006062 fragmentation reaction Methods 0.000 description 1
- 238000005065 mining Methods 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 239000000700 radioactive tracer Substances 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
- 239000013598 vector Substances 0.000 description 1
Landscapes
- Debugging And Monitoring (AREA)
Abstract
The invention brings forward a monitoring method and device for extracting behavior characteristics of an underlying system of an operation system. The method comprises following steps of: step 1, acquiring parameters and return values for kernel functions of resource allocation events and exception handling events in the operation system, transmitting parameters and return values to a user mode from a system kernel and recoding parameters and return values to storage files; step 2, constructing parameters and return values in the user mode to characteristic values and recording characteristic values to training datasets, wherein characteristic values reflect active states of the system; and step 3, acquiring current characteristic value of the operation system and determining current active state of the operation system based on a large amount of recorded training datasets. Accordingly, behavior characteristics of the underlying system of the operation system can be accurately captured and the current active state of the operation system can be monitored.
Description
Technical field
The invention belongs to field of computer architecture, relate to computer operating system monitoring, particularly a kind of operating system method for supervising and device extracting first floor system behavioural characteristic.
Background technology
System monitoring is the key of understanding system behavior, and developer and programmer are fixed against system monitoring instrument to the bottleneck providing enough information and remove system performance correction and the bugs hidden.But becoming increasingly complex along with operating system becomes, removing to identify the bottleneck in system performance and the bugs in hiding becomes more and more difficult to understand these system act of execution.And existing main monitoring solution does not accomplish the system features with the lower abundant bottom of overhead extraction, for the automatic analysis of formalization method.Such as, in software command operating is monitored and debug time arrange breakpoint all can produce excessive expense.Also be that cost is large and do not have sufficient expressive force to the monitoring of system call.The hardware counting provided by developer oneself after this hardware of configuration, can collect a small amount of specific useful information.But owing to have employed the method for sampling, still there is no working majority certificate for analyzing.Contrary, the tolerance on high system level, the transactions etc. completed in per second as application program.The method still can not capture enough accurate first floor system behavior.And seldom have monitoring solution to provide a system utilize diagnostic message in the past to find with formal mode and solve problem possible in the future.
The people such as TudorMarian propose a kind of new supervisory system, can by compute kernel function call extract indexable first floor system feature, and can effectively when system cloud gray model Using statistics method as cluster analysis and machine learning analytical characteristic.But information retrieval has completed the statistical technique succeeded in developing that has been proved to be for the retrieval of automatic document and collection.The word frequency in all documents is simply added up in information retrieval, thus produces abundant characteristic information for analyzing.Such as, what search engine was traditional is all jettisoning scene information, then uses word frequency to calculate file correlation by entity scoring (ranking) and entity ranking (scoring).In order to extract useful first floor system feature, in document 1 extraction system feature by by the concept in information acquisition and text mining Conceptual Projection in system action.Word calling relative to a kernel function in an information acquisition concept.Document relative to the first floor system behavior (low-levelsystemactivity) in a period of time or system call corpus (corpus) relative to the collection to multiple system action (systemactivities).Word frequency reverse gear (tf-idf) model representative document is used, with weight vectors as system features in document 1.But the kernel function call information that the whole operating system of the method record is all, and only the number of times of function call do not had the behavioral activity of sufficient embodiment system in a period of time as eigenwert.
Summary of the invention
In order to solve the problem, the object of the invention is to, a kind of method for supervising and the system of extracting first floor system behavioural characteristic are provided, can the first floor system behavioural characteristic of capture operation system more accurately, the active state current to system is monitored.
For achieving the above object, the operating system method for supervising of the extraction first floor system behavioural characteristic that the present invention proposes, comprise: step 1, the parameter of the kernel function of Resourse Distribute event and abnormality processing event and rreturn value in acquisition operations system, described parameter and rreturn value are delivered to User space from system kernel, and are recorded on storage file; Step 2, is configured to eigenwert by described parameter and rreturn value under User space, and described eigenwert is recorded to training dataset, the active state of wherein said eigenwert reactive system; Step 3, obtains the eigenwert that operating system is current, judges based on the described training dataset recorded in a large number the active state that operating system is current.
The operating system method for supervising of extraction first floor system behavioural characteristic of the present invention, wherein, the kernel function of described Resourse Distribute event comprises slaballocator memory allocation function, kfree releasing memory space function and/or kmem_cache_alloc and distributes idle object function; The kernel function of described abnormality processing event comprises do_page_falut page fault process function.
The operating system method for supervising of extraction first floor system behavioural characteristic of the present invention, wherein, above-mentioned steps 1 comprises: step 11, creates relayfs file system passage during operating system initialization in operating system nucleus; Step 12, revises the monitoring mechanism to function call in existing Ftrace function; Step 13, adds the function of the stack information for recording kernel function in described relayfs file system passage, and the exit portion in described kernel function adds the function for the parameter and rreturn value recording described kernel function.
The operating system method for supervising of extraction first floor system behavioural characteristic of the present invention, wherein, above-mentioned steps 1 also comprises: step 14, distributes one unique No. ID, distinguish kernel function with No. ID for each kernel function.
The operating system method for supervising of extraction first floor system behavioural characteristic of the present invention, wherein, regularly reads parameter and the rreturn value of the kernel function recorded, is recorded on storage file under User space from relayfs file system passage.
The operating system method for supervising of extraction first floor system behavioural characteristic of the present invention, wherein, in step 2 above, is configured to the described parameter that described disk file records and rreturn value the eigenwert that eigenwert is configured to have following form,
(S
i,F
1(i,1),F
1(i,2),...,F
2(i,1),F
2(i,2),...,R
1(i),...,R
j(i))(1)
Wherein, S
ibe expressed as kernel function ID, R
ji () is expressed as the rreturn value of function when jth time to call this function, F
ji () is expressed as i-th parameter value of function when jth time to call this function, for all kernel function distribute the ID specified.
The operating system method for supervising of extraction first floor system behavioural characteristic of the present invention, wherein, adopts eigenwert described in machine learning classification Algorithm Analysis, and is recorded to training dataset.
The operating system method for supervising of extraction first floor system behavioural characteristic of the present invention, wherein, in above-mentioned steps 3, the parameter of the kernel function obtained within a period of time and rreturn value are as system current activity state eigenwert.
In addition, the present invention also proposes a kind of operating system supervising device adopting any one method above-mentioned to extract first floor system behavioural characteristic.
Effect of the present invention is: the present invention does not monitor all functions of kernel, but the parameter of the function of Resourse Distribute event main in monitoring kernel and abnormality processing event and rreturn value, the workload of supervisory system can be reduced, lower system overhead is utilized to extract abundant first floor system feature, and different forms method is resolved the system features obtained, adopt machine learning classification method training characteristics data set, thus the monitor message in system past can be utilized to find and resolution system is current may produced problem.
Accompanying drawing explanation
Fig. 1 is the process flow diagram of the operating system method for supervising of extraction first floor system behavioural characteristic of the present invention.
Fig. 2 is the overall design block diagram of the operating system method for supervising of the extraction first floor system behavioural characteristic of the embodiment of the present invention.
Fig. 3 is the monitoring kernel input function parameter of the embodiment of the present invention and the schematic diagram of function return value.
Fig. 4 is the formation block diagram of the operating system supervising device of extraction first floor system behavioural characteristic of the present invention.
Description of reference numerals
1 operating system supervising device
11 passage creation modules
12 function modified modules
13 information logging modles
Embodiment
In order to make object of the present invention, technical scheme and advantage clearly understand, below in conjunction with accompanying drawing, the operating system method for supervising of extraction first floor system behavioural characteristic of the present invention and device are further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.
In general, operating system nucleus is mainly divided into management of process, memory management, and Virtual File System and network management etc. provide system resource to upper layer application.In the present invention, by monitoring the parameter of wherein Chief function and rreturn value and the behavioural characteristic of system under extracting fixed mode.Do not monitor all functions of kernel with document 1 unlike method for supervising of the present invention, but monitor parameter and the rreturn value of the function of main Resourse Distribute event and abnormality processing event in kernel.For parameter and rreturn value, there is action messages a large amount of in current system.And the present invention is by the behavioural characteristic of the method application supervisory system, because the behavioural characteristic of system also comprises the management to memory source, to the management and management of process etc. of file system.And the parameter of wherein called kernel function has also been rich in a lot of information.Such as monitor memory management part, follow the tracks of the distribution condition of slaballocator memory allocation function.Comprise kfree releasing memory space function, kmem_cache_alloc distributes in the call parameters of the kernel function such as idle object function and has request dispatching memory size with the internal memory of application to which region, finally can follow the tracks of according to tracer the Information Statistics that software collects and analyze internal fragmentation situation, find out Memory Allocation code snippet the most frequently, etc.Also can obtain kernel to distribute in the recent period use structure frequently according to the parameter transmitted in Memory Allocation mechanism (slab mechanism).Monitoring for anomalous event is mainly the monitoring to do_page_falut page fault process function, but the return message of function contains the decision-making made some anomalous events, as core dumped appears in client layer, there is copy-on-write (copy) etc. in consumer process.
The present invention needs to revise kernel code, monitors specified function recalls information and creates the transmission of relayfs passage for monitor message when operating system initialization.Finally user's space start a finger daemon regularly from relayfs read record the details of function call, be recorded in disk file.To the recorded information structural attitude value in disk file, for the training dataset of last machine learning classification.
Relayfs is a file system forwarding (relay) data fast, and it is gained the name with its function.It needs the instrument from kernel spacing forwarding mass data to user's space and application to provide forwarding mechanism fast and effectively for those.Use this forwarding instrument to monitor the necessary information that obtains to client layer to transmit inner nuclear layer function, analyze for client layer.
Provide specific embodiments of the invention below, by reference to the accompanying drawings the present invention is described in detail.
As shown in Figure 1, the method for supervising of extraction first floor system behavioural characteristic of the present invention, comprising:
Step 1, in acquisition operations system, the parameter of the kernel function of Resourse Distribute event and abnormality processing event and rreturn value, be delivered to described parameter and rreturn value User space from system kernel, and be recorded in disk file;
Step 2, is configured to eigenwert by described parameter and rreturn value under User space, and described eigenwert is recorded to training dataset, the active state of wherein said eigenwert reactive system;
Step 3, obtains the eigenwert that operating system is current, judges based on the described training dataset recorded in a large number the active state that operating system is current.
Wherein, in step 1, when described parameter and rreturn value being delivered to User space from system kernel, need amendment kernel code (for Linux system), it specifically comprises:
Step 11, creates relayfs passage, under being delivered to User space for kernel state monitoring function call information.The establishment position selected, under init/main.c function, uses unlatching fast-forwarding function relay_open to create a passage in do_basic_setup initialization function.The application program of user's space makes its data available under user's space by using mapping function mmap () to carry out mapping created passage file.
Step 12, revises in existing Ftrace, mainly adds one section of stub stub code in the beginning of all kernel function to the monitoring mechanism of function call, and Ftrace heavy duty this section of code realizes following the trail of (trace) function.Recompile kernel can call perl script a: recordmcount.pl address of each function to be write a special section: _ mcount_loc. is at the initial stage of kernel initialization, Ftrace inquiry _ _ mcount_loc section, obtain the entry address of each function, and mcount is replaced with dummy instruction (nop instruction).So in default situations, Ftrace can not have an impact to core performance.When user opens Ftrace function, make Ftrace that these nop instructions are dynamically replaced with ftrace_caller, for trace function invoke user registered.The present invention needs amendment perl script by appointment monitoring kernel function name write section _ _ mcount_loc section, all adds mcount in kernel function entry address and exit address place.
Step 13, be illustrated in figure 3 the monitoring kernel input function parameter of the embodiment of the present invention and the schematic diagram of function return value, this there is shown the position of added code, the present invention adds self-defining function and namely starts the stack information (i.e. function call parameter information) that stub stub_start records kernel function, exit portion in monitored kernel function is added self-defining function and is namely terminated the rreturn value that stub stub_end records kernel function, and can directly by obtaining above-mentioned rreturn value in the register %eax of the use stack rule of acquiescence, 0 is just used to represent for not having the situation of rreturn value, wherein, the stack information (i.e. function call parameter information) of above-mentioned kernel function is that the mcount of the entrance by adding in step 12 is redirected to function stub_start's, above-mentioned function return value is (as shown on the solid line in figure 3) that the mcount of outlet by adding in step 12 is redirected to stub_end, finally the rreturn value of the kernel function recorded in the stack information (i.e. function call parameter information) of the kernel function recorded in above-mentioned stub_start function and above-mentioned stub_end function is sent to the relayfs passage (as shown in phantom in Figure 3) that step 11 creates.
Step 14, all distributes one unique No. ID to monitored kernel function, distinguishes kernel function by No. ID.
Then be need by according to the system activity eigenwert described in above-mentioned ID sequence number construction step 2 for training characteristics in machine learning, wherein the method for concrete structural attitude value is as follows:
The kernel function parameters that disk file records and rreturn value are configured to the eigenwert that eigenwert is configured to have following form,
(S
i,F
1(i,1),F
1(i,2),...,F
2(i,1),F
2(i,2),...,R
1(i),...,R
j(i))(1)
S
ibe expressed as kernel function ID (for each kernel function specifies a unique ID), R
ji () is expressed as the rreturn value of function when jth time to call this function, F
ji () is expressed as i-th parameter value of jth time call function.All monitored functions are that it distributes the ID that specifies, finally according to assigned I D sequence as feature.
For the collection of the kernel function parameters in step 1 and rreturn value, finger daemon can be started at user's space and regularly read from relayfs file system record function call details, be recorded in disk file.
Above-mentioned steps 3 relates to the analysis of operating system current activity state, specifically comprises:
Step 31, using the parameter of the kernel function in a period of time T (such as T is for 30min or 60min) and rreturn value as the eigenwert of current system active state, the method for structural attitude value to be described in foregoing.
Step 32, automatic analysis system behavior uses traditional statistical technique such as cluster, machine learning or based on the characteristic signature similarity-rough set searching for label, uses form in previous step to turn to the data of data as input of eigenwert form.Finally based on the Experiment Training data set recorded in a large number, judge what state current system is in by gathering current activity state eigenwert.
The overall design block diagram of the operating system method for supervising of the extraction first floor system behavioural characteristic of the embodiment of the present invention as shown in Figure 2.Be specially, step 10, the switch that run function calls, start to collect kernel function call information, relayfs file system passage can be created by the method for above-mentioned steps 11-step 13, the parameter of kernel function and rreturn value are delivered to User space from system kernel, and under User space, start the information of finger daemon periodic collection from relayfs file system; Step 20, carries out formatting definition to the data collected, and concrete define method can adopt the method for above-mentioned formula (1); Step 30, uses eigenwert described in machine learning classification Algorithm Analysis, and is recorded to training dataset, obtains the eigenwert that operating system is current, judges based on the described training dataset recorded in a large number the active state that operating system is current.
In addition, the present invention also proposes a kind of operating system supervising device 1 adopting the operating system method for supervising of said extracted first floor system behavioural characteristic to extract first floor system behavioural characteristic, it is formed as shown in Figure 4, specifically comprise: information extraction modules 11, for parameter and the rreturn value of the kernel function of Resourse Distribute event and abnormality processing event in acquisition operations system, described parameter and rreturn value are delivered to User space from system kernel, and are recorded in disk file; Formatting module 12, for described parameter and rreturn value being configured to eigenwert under User space, is recorded to training dataset by described eigenwert, the active state of wherein said eigenwert reactive system; State analyzing module 13, for obtaining the current eigenwert of operating system, judges based on the described training dataset recorded in a large number the active state that operating system is current.
Claims (9)
1. extract an operating system method for supervising for first floor system behavioural characteristic, it is characterized in that, comprising:
Step 1, in acquisition operations system, the parameter of the kernel function of Resourse Distribute event and abnormality processing event and rreturn value, be delivered to described parameter and rreturn value User space from system kernel, and be recorded on storage file;
Step 2, is configured to eigenwert by described parameter and rreturn value under User space, and described eigenwert is recorded to training dataset, the active state of wherein said eigenwert reactive system;
Step 3, obtains the eigenwert that operating system is current, judges based on the described training dataset recorded in a large number the active state that operating system is current.
2. the operating system method for supervising of extraction first floor system behavioural characteristic according to claim 1, is characterized in that,
The kernel function of described Resourse Distribute event comprises slaballocator memory allocation function, kfree releasing memory space function and/or kmem_cache_alloc and distributes idle object function;
The kernel function of described abnormality processing event comprises do_page_falut page fault process function.
3. the operating system method for supervising of extraction first floor system behavioural characteristic according to claim 1, it is characterized in that, described step 1 comprises:
Step 11, creates relayfs file system passage in operating system nucleus during operating system initialization;
Step 12, revises the monitoring mechanism to function call in existing Ftrace function;
Step 13, adds the function of the stack information for recording kernel function in described relayfs file system passage, and the exit portion in described kernel function adds the function for the parameter and rreturn value recording described kernel function.
4. the operating system method for supervising of the extraction first floor system behavioural characteristic according to claim 1 or 3, it is characterized in that, described step 1 also comprises:
Step 14, distributes one unique No. ID for each kernel function, distinguishes kernel function with No. ID.
5. the operating system method for supervising of extraction first floor system behavioural characteristic according to claim 3, is characterized in that,
Under User space, from relayfs file system passage, regularly read parameter and the rreturn value of the kernel function recorded, be recorded on storage file.
6. the operating system method for supervising of extraction first floor system behavioural characteristic according to claim 1, is characterized in that, in described step 2,
The described parameter that described disk file records and rreturn value are configured to the eigenwert that eigenwert is configured to have following form,
(S
i,F
1(i,1),F
1(i,2),...,F
2(i,1),F
2(i,2),...,R
1(i),...,R
j(i))(1)
Wherein, S
ibe expressed as kernel function ID, R
ji () is expressed as the rreturn value of function when jth time to call this function, F
ji () is expressed as i-th parameter value of function when jth time to call this function, for all kernel function distribute the ID specified.
7. the operating system method for supervising of extraction first floor system behavioural characteristic according to claim 6, is characterized in that, adopts eigenwert described in machine learning classification Algorithm Analysis, and is recorded to training dataset.
8. the operating system method for supervising of extraction first floor system behavioural characteristic according to claim 1, is characterized in that, in described step 3, the parameter of the kernel function obtained in a period of time T and rreturn value are as system current activity state eigenwert.
9. the operating system supervising device adopting method according to any one of claim 1-8 to extract first floor system behavioural characteristic.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510423210.6A CN105095047B (en) | 2015-07-17 | 2015-07-17 | A kind of operating system monitoring method and device for extracting first floor system behavioural characteristic |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510423210.6A CN105095047B (en) | 2015-07-17 | 2015-07-17 | A kind of operating system monitoring method and device for extracting first floor system behavioural characteristic |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105095047A true CN105095047A (en) | 2015-11-25 |
| CN105095047B CN105095047B (en) | 2018-05-04 |
Family
ID=54575543
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510423210.6A Active CN105095047B (en) | 2015-07-17 | 2015-07-17 | A kind of operating system monitoring method and device for extracting first floor system behavioural characteristic |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105095047B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108228435A (en) * | 2017-04-21 | 2018-06-29 | 珠海市魅族科技有限公司 | Processor based on Ftrace performs state model building method and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1892616A (en) * | 2006-05-12 | 2007-01-10 | 中国科学院计算技术研究所 | Method for realizing kernel-mode programe verification in user-mode random verification of microprocessor |
| US20140215276A1 (en) * | 2005-10-25 | 2014-07-31 | The Trustees Of Columbia University In The City Of New York | Methods, media, and systems for detecting anomalous program executions |
| CN104424034A (en) * | 2013-09-04 | 2015-03-18 | 华为技术有限公司 | Hardware resource access method and hardware resource access device |
| CN104715190A (en) * | 2015-02-03 | 2015-06-17 | 中国科学院计算技术研究所 | Method and system for monitoring program execution path on basis of deep learning |
-
2015
- 2015-07-17 CN CN201510423210.6A patent/CN105095047B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140215276A1 (en) * | 2005-10-25 | 2014-07-31 | The Trustees Of Columbia University In The City Of New York | Methods, media, and systems for detecting anomalous program executions |
| CN1892616A (en) * | 2006-05-12 | 2007-01-10 | 中国科学院计算技术研究所 | Method for realizing kernel-mode programe verification in user-mode random verification of microprocessor |
| CN104424034A (en) * | 2013-09-04 | 2015-03-18 | 华为技术有限公司 | Hardware resource access method and hardware resource access device |
| CN104715190A (en) * | 2015-02-03 | 2015-06-17 | 中国科学院计算技术研究所 | Method and system for monitoring program execution path on basis of deep learning |
Non-Patent Citations (1)
| Title |
|---|
| 陈丽波等: ""Linux 内核跟踪机制 LTT 的研究"", 《计算机工程》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108228435A (en) * | 2017-04-21 | 2018-06-29 | 珠海市魅族科技有限公司 | Processor based on Ftrace performs state model building method and system |
| CN108228435B (en) * | 2017-04-21 | 2021-01-26 | 珠海市魅族科技有限公司 | Ftrace-based processor execution state model building method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105095047B (en) | 2018-05-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9367601B2 (en) | Cost-based optimization of configuration parameters and cluster sizing for hadoop | |
| US8626765B2 (en) | Processing database operation requests | |
| CN102999314A (en) | Immediate delay tracker tool | |
| CN110569214A (en) | Index construction method and device for log file and electronic equipment | |
| CN111881011A (en) | Log management method, platform, server and storage medium | |
| US20080065588A1 (en) | Selectively Logging Query Data Based On Cost | |
| CN101639803A (en) | Exception handling method and exception handling device for multithread application system | |
| CN110389933B (en) | Inter-process log management method and device | |
| CN102915269A (en) | Method for analyzing common logs of B/S (browser/server) software system | |
| CN107004086A (en) | Security information and incident management | |
| CN110147470B (en) | Cross-machine-room data comparison system and method | |
| CN110442402A (en) | Data processing method, device, equipment and storage medium | |
| EP3230869A1 (en) | Separating test verifications from test executions | |
| CN103842973A (en) | Monitoring stored procedure execution | |
| CN102893261B (en) | The idle conversion method of sampling and system thereof | |
| CN114610588A (en) | Database performance analysis method and device, electronic equipment and storage medium | |
| CN106874067A (en) | Parallel calculating method, apparatus and system based on lightweight virtual machine | |
| CN106445732A (en) | Version control-based online snapshot management method and system | |
| CN109587265A (en) | A kind of information push method, device, equipment and readable storage medium storing program for executing | |
| KR101830936B1 (en) | Performance Improving System Based Web for Database and Application | |
| CN111338609B (en) | Information acquisition method, device, storage medium and terminal | |
| CN112433888A (en) | Data processing method and device, storage medium and electronic equipment | |
| CN111737203A (en) | Database history log backtracking method, device, system, equipment and storage medium | |
| CN109857716B (en) | System interaction log recording method and device, storage medium and server | |
| CN105095047A (en) | Monitoring method and device for extracting behavior characteristics of underlying system of operation system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20240320 Address after: Room 711C, Floor 7, Building A, Yard 19, Ronghua Middle Road, Daxing District, Beijing Economic-Technological Development Area, 100176 Patentee after: Beijing Zhongke Flux Technology Co.,Ltd. Country or region after: China Address before: 100190 No. 6 South Road, Zhongguancun Academy of Sciences, Beijing, Haidian District Patentee before: Institute of Computing Technology, Chinese Academy of Sciences Country or region before: China |
|
| TR01 | Transfer of patent right |